Ubuntu - ModSecurity - Installing mod_security

Install modsecurity.

apt-get install libapache2-modsecurity

Verify if the mod_security module was loaded.

apachectl -M | grep --color security

You should see a module named security2_module (shared) which indicates that the module was loaded.

Modsecurity's installation includes a recommended configuration file which has to be renamed:

mv /etc/modsecurity/modsecurity.conf{-recommended,}

Reload Apache

service apache2 reload

You'll find a new log file for mod_security in the Apache log directory:

ls -l /var/log/apache2/modsec_audit.log

returns:

-rw-r----- 1 root root 0 Oct 19 08:08 /var/log/apache2/modsec_audit.log